On Sat, Aug 14, 2021 at 04:56:33AM +0000, Viktor Dukhovni <postfix-usersdukhovni!org> wrote:
> > On 14 Aug 2021, at 12:54 am, Benny Pedersen <m...@junc.eu> wrote: > > > > its then impossible to verify if there ever was an extra header or = > not, this still make it less strong, it does not more secure or not with = > that feature > > > > this makes dkim more weak to have that as valid, and imho it does not = > being needed > > My advice to read the specification stands. If you haven't taken the > time to understand it, there's little to be gained by talking about it. > Best to desist. > > -- > Viktor. Benny, Some relevant sections of the RFC are: 8.15. Attacks Involving Extra Header Fields https://datatracker.ietf.org/doc/html/rfc6376#section-8.15 5.4. Determine the Header Fields to Sign https://datatracker.ietf.org/doc/html/rfc6376#section-5.4 Oversigning definitely catches any extra occurrence of the oversigned header. I was just talking nonsense. The "extra" non-existant oversigned header that is included in the signature is the empty string. When verifying, any maliciously added instance of the oversigned header will not be the empty string. It will be a header. So the signature wouldn't be valid. cheers, raf